In past few months, several research groups have uncovered vulnerabilities in the Intel remote administration feature known as the Management Engine (ME) which could allow remote attackers to gain full control of a targeted computer.

Now, Intel has admitted that these security vulnerabilities could "potentially place impacted platforms at risk." [...]

As long as the system is connected to a line power and a network cable, these remote functions can be performed out of band even when the computer is turned off as it operates independently of the operating system.

I always stay a couple of generations behind 'the curve'. But if you're running the latest n' greatest Intel CPU, you might want to check your machine for vulns.

*** Risk Assessment ***Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

All good here

Isn't this the vulnerability Dell fixed with the recent BIOS updates ?

« Last Edit: November 26, 2017, 04:20:34 pm by PCNetSpec »

Logged

WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Ehhhh???My 6430's BIOS is on A21 & I've just checked the Dell website & it is still listed as the latest version?? Even in the link you posted mucker it shows your BIOS version as A21 (unless of course you updated to the elusive A25 afterwards)??

Looks like my 3rd gen processor isn't affected - according to the linked article you give in your OP VinDSL:

Some hardware vendors are reacting to the recent revelation that some of Intel's core CPU technology is riddled with security holes.

At the time of writing, three laptop and computer vendors have started offering a way to buy products without Intel ME (Management Engine), or have said they'll deliver firmware updates that disable the technology [....]

System76

The second company that took a similar step was System76, a seller of custom Linux PC rigs. In a blog post this week, the company explains its decision and puts forward the following rollout plan.

System76 will automatically deliver updated firmware with a disabled ME on Intel 6th, 7th, and 8th Gen laptops. The ME provides no functionality for System76 laptop customers and is safe to disable.

The roll out will occur over time and customers will be notified by email prior to delivery

You must run Ubuntu 16.04 LTS, Ubuntu 17.04, Ubuntu 17.10, Pop!_OS 17.10, or an Ubuntu derivative and have the System76 driver installed to receive the latest firmware and disabled ME on laptops*

System76 will investigate producing a distro-agnostic command line firmware install tool. Follow us on your preferred social network for updates.

System76 will not disable the ME on desktops but will provide updated ME firmware

Desktop customers will receive instructions for updating the ME via email as they are available